net.i2p.crypto
Class ElGamalEngine

Wrapper for ElGamal encryption/signature schemes.
Does all of Elgamal now for data sizes of 222 bytes and less. The data to be
encrypted is first prepended with a random nonzero byte, then the 32 bytes
making up the SHA256 of the data, then the data itself. The random byte and
the SHA256 hash is stripped on decrypt so the original data is returned.

encrypt

data - data to encrypt, must be 222 bytes or less
As the encrypted data may contain a substantial number of zeros if the
cleartext is smaller than 222 bytes, it is recommended that the caller pad
the cleartext to 222 bytes with random data.

Returns:

encrypted data, will be exactly 514 bytes long
Contains the two-part encrypted data starting at bytes 0 and 257.
If the encrypted parts are smaller than 257 bytes, they will be
padded with leading zeros.
The parts appear to always be 256 bytes or less, in other words,
bytes 0 and 257 are always zero.

decrypt

encrypted - encrypted data, must be exactly 514 bytes
Contains the two-part encrypted data starting at bytes 0 and 257.
If the encrypted parts are smaller than 257 bytes, they must be
padded with leading zeros.